|
To whom it may concern,
In the last few days, we've been bombarded by what I believed a denial-attack or mass e-mailing campaing. I looked at the number of connections, and it showed over 16000 or (1600) threads from a single IP address. It slowed our internet connect almost down to a crawl and populating the logs at an alarming rate. I've block the the IP address from where it came from. Why isn't that the SpamFilter dropping the connections on it's own? I had to stop the Spamfilter service manually in order to stop the connects. Or is it not configured properly on my part? Thanks. Also below is just a small sample of the log.
10/22/04 17:48:43:265 -- (1596) - SPF analysis done: - fail
10/22/04 17:48:43:265 -- (1596) - SPF analysis done: - fail
10/22/04 17:48:43:328 -- (1596) - SPF record found. analyzing: - v=spf1 mx ip4:66.28.139.0/24 ip4:66.98.160.93 ip4:66.98.248.20 ip4:207.246.86.0/25 ip4:208.239.240.102 ip4:208.239.240.73 include:newsletterinc.com include:squabblers.com include:newsletterplanet.com include:nichenewsletters.com -all
10/22/04 17:48:43:437 -- (1596) - SPF record found. analyzing: - v=spf1 mx ip4:66.28.139.0/24 ip4:66.98.160.93 ip4:66.98.248.20 ip4:207.246.86.0/25 ip4:208.239.240.102 ip4:208.239.240.73 include:newsletterinc.com include:squabblers.com include:newsletterplanet.com include:nichenewsletters.com -all
10/22/04 17:48:43:484 -- (1596) - SPF analysis done: - fail
10/22/04 17:48:43:531 -- (1596) - SPF record found. analyzing: - v=spf1 mx ip4:66.28.139.0/24 ip4:66.98.160.93 ip4:66.98.248.20 ip4:207.246.86.0/25 ip4:208.239.240.102 ip4:208.239.240.73 include:newsletterinc.com include:squabblers.com include:newsletterplanet.com include:nichenewsletters.com -all
|